From efe2940b10eb757980f5f4646570475d6eaad456 Mon Sep 17 00:00:00 2001
From: Stephen Paul Weber <singpolyma@singpolyma.net>
Date: Wed, 11 Mar 2026 23:07:50 -0500
Subject: [PATCH 1/2] Detect when disconnected

Sometimes when a connection is closed unceremoniously we cannot tell
until we try to read. This allows us to set an error the rest of the
library will understand so that the disconnect is properly detected.
---
 src/tls_openssl.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/tls_openssl.c b/src/tls_openssl.c
index 67d2c8a8..2b536932 100644
--- a/src/tls_openssl.c
+++ b/src/tls_openssl.c
@@ -19,6 +19,7 @@
 
 #ifndef _WIN32
 #include <sys/select.h>
+#include <sys/socket.h>
 #else
 #include <winsock2.h>
 #endif
@@ -963,6 +964,19 @@ int tls_read(struct conn_interface *intf, void *buff, size_t len)
     ret = SSL_read(tls->ssl, buff, len);
     _tls_set_error(tls, ret <= 0 ? SSL_get_error(tls->ssl, ret) : 0);
 
+#ifndef _WIN32
+    if (tls->lasterror == SSL_ERROR_WANT_READ) {
+        char c;
+        ssize_t n = recv(intf->conn->sock, &c, 1, MSG_PEEK);
+        if (n < 0 && errno == ENOTCONN) {
+            strophe_debug(tls->ctx, "tls",
+                          "WANT_READ but connection is closed");
+            _tls_set_error(tls,
+                           SSL_ERROR_SYSCALL); // Set a more appropriate error
+        }
+    }
+#endif
+
     return ret;
 }
 

From c74cf74a665f5cd7c947d3456e63b6b779c1046f Mon Sep 17 00:00:00 2001
From: Stephen Paul Weber <singpolyma@singpolyma.net>
Date: Fri, 13 Mar 2026 23:52:11 -0500
Subject: [PATCH 2/2] Detect disconnection for GnuTLS as well

---
 src/tls_gnutls.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/tls_gnutls.c b/src/tls_gnutls.c
index 0aa7c284..ab9f2f1c 100644
--- a/src/tls_gnutls.c
+++ b/src/tls_gnutls.c
@@ -14,7 +14,9 @@
  *  TLS implementation with GNUTLS
  */
 
+#include <errno.h>
 #include <string.h>
+#include <sys/socket.h>
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
 #include <gnutls/x509-ext.h>
@@ -665,6 +667,15 @@ int tls_read(struct conn_interface *intf, void *buff, size_t len)
     ret = gnutls_record_recv(tls->session, buff, len);
     tls->lasterror = ret < 0 ? ret : 0;
 
+    if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) {
+        char c;
+        ssize_t n = recv(intf->conn->sock, &c, 1, MSG_PEEK);
+        if (n < 0 && errno == ENOTCONN) {
+            strophe_debug(tls->ctx, "tls", "EAGAIN but connection is closed");
+            tls->lasterror = GNUTLS_E_PULL_ERROR;
+        }
+    }
+
     return ret;
 }